Administration
Administering a Secure Network
Introduction
A firewall applies its rule set on a first-match basis: rules are evaluated in order, and the first rule that matches a packet decides what happens to it. The final rule is, by default, an implicit deny, so any packet that no other rule explicitly allows or denies is blocked. This makes the firewall a good example of a white-list security control. Depending on the firewall type (a stateful inspection firewall, for instance), separate rules are kept for inbound data (packets coming in) and outbound data (packets going out). It is important to review every rule carefully before implementing it on the firewall, both to avoid blocking useful packets and to avoid creating loopholes.
VLAN Management
A VLAN is a hardware (switch-based) implementation that segregates a LAN into separate segments. VLANs are used primarily to control traffic, which improves both the performance and the security of the network, and to isolate traffic within a network segment. Communication between particular VLANs can be prevented simply by not defining any route between them, or by placing a filter between them. VLANs should be designed to pass the necessary packets while denying everything else.
Secure the router configuration
An ACL (access control list) defines whether a subject may access a resource or carry out a particular function. It applies mostly to access to objects, but it extends to network communication as well, and ACLs are widely used on firewalls, switches and routers as a security-management measure. ACL rules, also known as “filters”, allow packets only as explicit exceptions and deny everything else by default.
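The first-match, default-deny behaviour described in the firewall section above and in the ACL section applies the same way to both. The following is an added example, not code from the original text: a small packet filter that evaluates constructed rules in order, falls back to deny when nothing matches, and includes the review step the firewall section calls for, a check for rules that an earlier rule completely covers (and so can never fire). The Packet and Rule fields, the rule syntax and the sample rule set are all assumptions made for this illustration.

```python
"""Added example: first-match, default-deny packet filter with a
rule-shadowing check. Field names, rule syntax and the sample rule
set are constructed for illustration, not taken from any product."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str                 # "in" (arriving) or "out" (leaving)
    proto: str                     # "tcp", "udp" or "icmp"
    src: str                       # source IP address
    dst: str                       # destination IP address
    dport: Optional[int] = None    # destination port; None for icmp


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    direction: str                 # "in", "out" or "any"
    proto: str                     # protocol name or "any"
    src: str                       # CIDR or "any"
    dst: str                       # CIDR or "any"
    dport: Optional[int] = None    # None matches every port

    def matches(self, p: Packet) -> bool:
        return (
            self.direction in ("any", p.direction)
            and self.proto in ("any", p.proto)
            and _in_net(p.src, self.src)
            and _in_net(p.dst, self.dst)
            and (self.dport is None or self.dport == p.dport)
        )

    def covers(self, other: "Rule") -> bool:
        """True when every packet matched by `other` is also matched by self."""
        return (
            self.direction in ("any", other.direction)
            and self.proto in ("any", other.proto)
            and _net_subset(other.src, self.src)
            and _net_subset(other.dst, self.dst)
            and (self.dport is None or self.dport == other.dport)
        )


def _in_net(addr: str, net: str) -> bool:
    return net == "any" or ip_address(addr) in ip_network(net, strict=False)


def _net_subset(inner: str, outer: str) -> bool:
    if outer == "any":
        return True
    if inner == "any":
        return False
    return ip_network(inner, strict=False).subnet_of(ip_network(outer, strict=False))


def evaluate(rules: List[Rule], p: Packet) -> Tuple[str, Optional[int]]:
    """First match wins; a packet that matches no rule is denied by default.
    Returns (action, index of the matching rule), index None for the default."""
    for i, r in enumerate(rules):
        if r.matches(p):
            return r.action, i
    return "deny", None


def shadowed_rules(rules: List[Rule]) -> List[Tuple[int, int]]:
    """Return (earlier, later) index pairs where the earlier rule completely
    covers the later one, so the later rule can never fire. When the two
    actions differ this is the classic misordering that silently blocks
    wanted traffic or leaves a hole; review these before deployment."""
    found = []
    for j, later in enumerate(rules):
        for i in range(j):
            if rules[i].covers(later):
                found.append((i, j))
                break
    return found


# Constructed sample rule set for a small edge firewall (assumed addresses).
RULES = [
    Rule("deny",  "in",  "any", "10.0.0.0/8",     "any"),                   # private source from outside: spoofed
    Rule("allow", "in",  "tcp", "any",            "203.0.113.10/32", 443),  # public web server
    Rule("allow", "out", "tcp", "192.168.1.0/24", "any",             443),  # clients to HTTPS
    Rule("allow", "out", "udp", "192.168.1.0/24", "192.168.1.1/32",  53),   # clients to local DNS
    Rule("allow", "in",  "tcp", "10.1.2.0/24",    "203.0.113.10/32", 22),   # never fires: covered by rule 0
]

if __name__ == "__main__":
    for pkt in (Packet("in", "tcp", "198.51.100.7", "203.0.113.10", 443),
                Packet("in", "tcp", "198.51.100.7", "203.0.113.10", 22),
                Packet("in", "tcp", "10.1.2.9", "203.0.113.10", 22)):
        print(pkt, "->", evaluate(RULES, pkt))
    print("shadowed rules:", shadowed_rules(RULES))
```

In the sample set the last rule is fully covered by the anti-spoofing deny in position 0, so `shadowed_rules` reports `(0, 4)`; whether that is intended (the deny should win) or a mistake is exactly the question a rule review answers before the set goes live.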
Port Security
This process reviews the log files, audit trails and other records generated by computers in order to identify policy violations, malicious events, downtime and related issues. It should be carried out at regular intervals in the live network environment. Log analysis is often performed automatically by engines such as an IPS or IDS, but periodic manual analysis is also essential: it is how analysts come to understand normal patterns and set the limits that the automatic analysis then applies.
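As an added example of the automated side of log analysis (not code from the original text), the block below parses constructed sshd-style authentication lines, flags any source that produces a burst of failed logins inside a sliding window, and then checks whether a flagged source later succeeded, which is the case an analyst would want raised first. The log format, host names, addresses, user names, and the threshold and window values are all assumptions; the threshold and window are the "limits" that manual review would tune for a real environment.

```python
"""Added example: burst detection over constructed sshd-style log lines.
All log content, addresses and limits below are made up for illustration."""
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Dict, List, Tuple

# Constructed sample log (not real data). Includes one brute-force burst
# that ends in a successful login, one ordinary typo, and a single probe.
SAMPLE_LOG = """\
Mar 10 08:01:10 gw sshd[2201]: Accepted password for alice from 192.168.1.20 port 50122 ssh2
Mar 10 08:02:01 gw sshd[2205]: Failed password for invalid user admin from 198.51.100.7 port 41000 ssh2
Mar 10 08:02:03 gw sshd[2206]: Failed password for invalid user admin from 198.51.100.7 port 41001 ssh2
Mar 10 08:02:05 gw sshd[2207]: Failed password for root from 198.51.100.7 port 41002 ssh2
Mar 10 08:02:06 gw sshd[2208]: Failed password for root from 198.51.100.7 port 41003 ssh2
Mar 10 08:02:08 gw sshd[2209]: Failed password for root from 198.51.100.7 port 41004 ssh2
Mar 10 08:02:30 gw sshd[2212]: Accepted password for root from 198.51.100.7 port 41005 ssh2
Mar 10 08:15:44 gw sshd[2240]: Failed password for bob from 192.168.1.31 port 50200 ssh2
Mar 10 08:15:52 gw sshd[2241]: Accepted password for bob from 192.168.1.31 port 50201 ssh2
Mar 10 08:20:00 gw sshd[2260]: Failed password for root from 203.0.113.99 port 33000 ssh2
Mar 10 08:20:01 gw kernel: eth0: link is up
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+)"
)


def parse(log: str, year: int = 2024) -> List[dict]:
    """Turn matching lines into events; syslog omits the year, so it is supplied."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an sshd authentication line
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "result": m["result"], "user": m["user"], "src": m["src"]})
    return events


def failed_login_bursts(events: List[dict], threshold: int = 5,
                        window_seconds: int = 60) -> Dict[str, int]:
    """Map each source that reached `threshold` failures within any
    `window_seconds` span to the largest count seen in such a span."""
    recent = defaultdict(deque)   # src -> timestamps of failures still in the window
    flagged: Dict[str, int] = {}
    for e in events:              # events are assumed to be in time order
        if e["result"] != "Failed":
            continue
        q = recent[e["src"]]
        q.append(e["ts"])
        while (e["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            flagged[e["src"]] = max(flagged.get(e["src"], 0), len(q))
    return flagged


def successes_after_burst(events: List[dict], flagged: Dict[str, int]) -> List[Tuple[str, str]]:
    """(src, user) pairs where a flagged source later logged in successfully:
    the highest-priority finding, since the guessing may have worked."""
    first_failure = {}
    hits = []
    for e in events:
        if e["src"] not in flagged:
            continue
        if e["result"] == "Failed":
            first_failure.setdefault(e["src"], e["ts"])
        elif e["src"] in first_failure and e["ts"] >= first_failure[e["src"]]:
            hits.append((e["src"], e["user"]))
    return hits


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    bursts = failed_login_bursts(evs)
    print("burst sources:", bursts)
    print("successes after burst:", successes_after_burst(evs, bursts))
```

Raising `threshold` or shrinking `window_seconds` is how the manual review feeds back into the automatic analysis: a helpdesk that sees three typos a minute from a shared jump host would tune these limits differently from a server exposed only to a handful of administrators.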
Unified Threat Management